Malware attacks continue to skyrocket. Making this worse is how cyber criminals are able to continuously think of new and innovative ways to conduct infections. From overlay malware to Popcorn Time, there’s just no telling how far the perpetrators can go in terms of the types of malware attacks that they can come up with. And now, with the discovery of a new type of exploit kit involving image files, the picture looks grimmer.
What is Stegano, and why is it worse than most malware strains that Internet users have seen so far?
Stegano is a type of exploit kit that uses images on legitimate and trusted websites to do its bidding. Discovered by ESET researchers around November last year, the exploit kit has been found being used by cyber criminals for spreading malware through ad banners that are shown on a large number of reputable heavy traffic websites.
Perpetrators use the exploit kit to embed malicious code in individual pixels of images. These poisoned images will target unwitting users by performing an initial scan on their devices for Flash player vulnerabilities, all without the need for any user interaction.
If the device is found to be vulnerable, the remote server will then send a poisoned image; otherwise, the clean version of the image will be shown, as if the scanning did not take place at all.
Successful scans will then enable the perpetrators to execute and download malicious payloads on an infected device.
According to ESET, the difference between a clean and infected image is very minimal that it can be impossible for the untrained eye to tell the changes.
At the moment, malicious images employing the Stegano exploit kit only work with Internet Explorer (IE). While most of today’s Internet users are using Chrome, there are still those that use IE. Data from web-development specialist SitePoint showed that IE users made up a little over 15 percent of all Internet users in December 2015, higher than Firefox’s share, and that of Opera and Safari combined during the said period.
Protect yourself using the best online security VPN
Stegano is only known to affect IE users at the moment, but there is still the possibility of other browsers like Chrome and Firefox becoming vulnerable. To ensure browsing sessions that are free from malware attacks, one effective way is by using an online security VPN like Hotspot Shield.
Hotspot Shield is a free download VPN that you can install in your Windows, OS X, Android or iOS device. It protects you from malware attacks by notifying you that the website you’re trying to visit carries malware. Hotspot Shield uses a database of more than 3.5 malware-infected sites to make this possible. To download Hotspot Shield, visit this page.
Don’t let Stegano-carrying websites infect your device. Download Hotspot Shield online security VPN now for a worry-free online browsing experience!